WO2023025712A1 - Procédé pour attribuer un modèle numérique à un composant physique d'un système d'automatisation, système d'automatisation et installation de production - Google Patents

Procédé pour attribuer un modèle numérique à un composant physique d'un système d'automatisation, système d'automatisation et installation de production Download PDF

Info

Publication number
WO2023025712A1
WO2023025712A1 PCT/EP2022/073299 EP2022073299W WO2023025712A1 WO 2023025712 A1 WO2023025712 A1 WO 2023025712A1 EP 2022073299 W EP2022073299 W EP 2022073299W WO 2023025712 A1 WO2023025712 A1 WO 2023025712A1
Authority
WO
WIPO (PCT)
Prior art keywords
physical component
reference information
digital
digital model
automation system
Prior art date
Application number
PCT/EP2022/073299
Other languages
German (de)
English (en)
Inventor
Rainer Falk
Kai Fischer
Steffen Fries
Markus Heintel
Wolfgang Klasen
Aliza Maftun
Original Assignee
Siemens Aktiengesellschaft
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens Aktiengesellschaft filed Critical Siemens Aktiengesellschaft
Priority to EP22768687.0A priority Critical patent/EP4364013A1/fr
Priority to CN202280057745.4A priority patent/CN117836768A/zh
Publication of WO2023025712A1 publication Critical patent/WO2023025712A1/fr

Links

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/418Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
    • G05B19/4183Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by data acquisition, e.g. workpiece identification
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B17/00Systems involving the use of models or simulators of said systems
    • G05B17/02Systems involving the use of models or simulators of said systems electric
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/418Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
    • G05B19/41885Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by modeling, simulation of the manufacturing system
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/30Nc systems
    • G05B2219/31From computer integrated manufacturing till monitoring
    • G05B2219/31197Near field communication nfc
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/30Nc systems
    • G05B2219/36Nc in input of data, input key till input tape
    • G05B2219/36371Barcode reader

Definitions

  • the invention relates to a method for assigning a digital model to a physical component of an automation system, an automation system and a production plant.
  • Digital models are known which form a virtual, digital image of a real object, in particular a device, a machine or a system. Such digital models are also referred to as digital twins.
  • a digital twin can also be implemented within the framework of an asset administration shell. The digital twin is implemented on a data processing system and can be reached via a communication network at an address, in particular an IP address and/or a DNS name and/or a URL.
  • Digital twins process sensitive data of the respectively assigned real object, the integrity and confidentiality of which must be ensured. It is therefore necessary to prevent incorrect data or data from an incorrect digital twin from being used. In addition, it must be prevented that sensitive data is made available to a false digital twin. Access to the data of a digital twin regularly requires access authentication, in which sensitive access data, in particular a password or an access token, such as a JSON web token or a SAML token, is used or transmitted.
  • sensitive access data in particular a password or an access token, such as a JSON web token or a SAML token
  • an improved production facility is to be specified.
  • This object of the invention is achieved with a method for assigning a digital model to a physical component of an automation system with the features specified in claim 1 and with an automation system with the features specified in claim 10 and with a production plant with the features specified in claim 14 .
  • Preferred developments of the invention are specified in the associated dependent claims, the following description and the drawing.
  • a physical component with reference information that refers to at least one digital model is used, and the digital model to which the reference information refers is determined and determined using the reference information assigned to the physical component.
  • the reference information is particularly preferred one physically integrated in or on the physical component and, in particular exclusively, in, in particular direct, contact with the physical component and/or accessible at a maximum spatial distance from the physical component.
  • the reference information of the physical component can thus advantageously be used in the method according to the invention. Consequently, access to the physical component is required in order to change the reference information that references the digital model. In this way, as a result of a physical component with reference information, the assignment of a digital model to the physical component is particularly secure, since it is difficult to change the reference information of the physical component remotely, unintentionally or with the intention of an attack. Consequently, the reference information provided according to the invention forms a kind of physical authentication of a reference to the digital model. The digital model is therefore anchored in the physical world at the physical component via the reference information of the physical component.
  • the reference information is particularly preferably physical reference information that can be read out optically or inductively or by radio.
  • the reference information is hardware-based, ie in particular not implemented as computer-implemented, changeable software.
  • the digital model within the meaning of the present invention is expediently a virtual, digital image of the physical component of the automation system, ie. H . a digital representation of the physical component, in particular in the form of a digital twin.
  • the digital twin can also be implemented as an asset administration shell.
  • the digital model particularly preferably includes a digital simulation of the physical component.
  • the digital twin is preferably realized on a data processing system ized and accessible under an address, in particular an IP address and/or a DNS name and/or a URL, via a communication network.
  • the reference information is preferably protected cryptographically, in particular by means of a cryptographic check value, preferably a digital signature or a message authentication code.
  • the reference information can particularly preferably be checked using a cryptographic component key or component certificate assigned to the physical component. In this way, manipulation of the reference information can also be effectively prevented.
  • the component key or the component certificate can expediently be read or queried directly from the physical component or is provided by a manufacturer or operator of the physical component.
  • the reference information preferably comprises an optically readable code, in particular a barcode or a QR code.
  • the reference information can easily be read optically, in particular using a barcode reader or a QR code reader, expediently using a barcode reader app or a QR code reader app on a smartphone or a tablet and/or a mobile computer.
  • the reference information has a contactless readable data carrier, in particular at least one active or passive radio chip, preferably an NFC label and/or an NFC token.
  • a contactless readable data carrier must be used to assign the digital model to the physical component in close proximity, i. H . with a maximum distance to the physical component.
  • the digital model can be automatically assigned to the physical component in close proximity to the physical component using a digital reader of the data carrier that can be read contactlessly.
  • a manual effort for assigning the digital model to the physical component can consequently be kept extremely low in this development of the invention.
  • the reference information expediently has an address, in particular a URL, and/or a reference, for example reference information, in particular a name, in a directory of digital models.
  • a reference for example reference information, in particular a name
  • the digital model can therefore be easily found on .
  • the digital model can preferably be localized unambiguously and assigned to the physical component.
  • the reference information particularly preferably has information about a category of data in the digital model and/or a further property of data in the digital model, in particular how up-to-dateness and/or transmission protection and/or accuracy of the data is.
  • the reference information can thus contain information about how up-to-date the data of the digital model is, with what security the data of the digital model is protected or is to be protected.
  • an accuracy of the data can also be included, in particular an accuracy of location data or an accuracy of the assignment of the data to persons, operators or devices, for example whether the data to individual persons or to groups of persons or to an individual operator or to operator assigned to groups or to an individual device or to device groups or to pseudonyms or not assigned at all, d . H . anonymous, are .
  • the physical component checks properties of the digital model and/or of data processed and provided by the digital model for agreement with specified properties. In this way, the physical component can determine whether properties of the digital model still match the actual properties of the physical component. In the event of a discrepancy, the physical component can de-associate the digital model with this physical component. For example, the reference information can be updated so that it can be determined that the digital model is no longer intended to be assigned to the physical component. In the case of detaching a digital model from a physical component, the physical component can revoke the reference information.
  • the reference information is valid for a limited time in the method.
  • the assignment of the digital model to the physical component must be undertaken again after the reference information has expired.
  • an assignment of the digital model to the physical component does not have to be revoked if the digital model is subject to security-critical changes, such as attacks by third parties on the digital model, but in this development it is the invention always required to follow a current reference information of the physical component to a digital model in order to make an assignment again.
  • the reference information preferably refers to two or more digital models physical component.
  • Digital models for the physical component can thus be present redundantly, which brings about a particularly high level of security against unintentional changes to the digital model. Attacks on the digital model can also be easily detected in this development of the invention, since undetected attacks would have to successfully take place synchronously on the two or more digital models. Furthermore, the availability can be improved if several digital models are available.
  • the automation system according to the invention is set up to carry out a method according to the invention as described above.
  • the automation system according to the invention comprises at least one physical component, the physical component comprising at least one item of reference information which refers to at least one digital model of the physical component.
  • the automation system according to the invention is consequently suitable for carrying out a method according to the invention.
  • the automation system according to the invention is particularly preferably set up to carry out a method according to the invention as described above.
  • the physical component particularly preferably includes an interface to the digital model of the physical component.
  • the two reference information points to the same digital model.
  • one and the same digital model can be assigned to two physical components.
  • the two physical components can be provided redundantly for safety reasons or for reasons of availability or for reasons of functional security (safety).
  • the automation system according to the invention is preferably a network, in particular an Internet of Things network or the automation system includes such a network, in particular an Internet of Things network.
  • the automation system according to the invention is part of a production plant.
  • the production plant according to the invention includes such an automatic machine according to the invention! security system .
  • the physical component in the invention, d. H . in the method according to the invention or in the automation system according to the invention, the physical component can be designed and set up to check properties of the digital model and/or data processed and provided by the digital model for correspondence with specified properties or data of the physical component. In this way, the physical component can determine whether properties of the digital model still match the actual properties of the physical component. In the event of a discrepancy, the physical component can de-associate the digital model with this physical component. In particular, the reference information can be updated so that it can be determined that the digital model is no longer intended to be assigned to the physical component.
  • the reference information can contain information which indicates whether the physical component carries out such a check and, if so, when this was last carried out and/or which properties are checked for consistency became .
  • the reference information can contain information from digital models to which the assignment has been resolved. This can be useful when a user has saved the connection of a physical component to a digital model to avoid accessing an invalid digital model.
  • Fig. 1 shows a flow of an embodiment of the method according to the invention for determining a trustworthy digital twin, schematically in a block diagram
  • FIG. 2 an automation system according to the invention with a physical component and with a digital twin when carrying out the method according to the invention for determining a trustworthy digital twin according to FIG. 1 schematically in a principle sketch z ze,
  • FIG. 3 shows a further exemplary embodiment of an automation system according to the invention with a physical component and with a digital twin when carrying out the method according to the invention for determining a trustworthy digital twin according to FIG. 1 schematically in a principle sketch z ze as well
  • FIG. 4 an application for the exemplary embodiments from FIG. 2 and 3 schematically in a principle sketch z ze.
  • a digital model is determined for a physical component of an automation system AUT.
  • a physical component in the form of a real industrial device RO (see FIG. 2) is used, which refers to at least one digital model in the form of a digital twin DT (FIG. 2).
  • the physical component refers to the digital model by means of reference information.
  • ERM On the digital model is determined in a determination step ERM and assigned to the physical component in an assignment step ZUG.
  • the automation system AUT according to the invention shown in FIG. 2 comprises a network NET and a real industrial device RO connected to the network NET, for which a trustworthy digital twin is determined using the method according to the invention.
  • the automation system AUT is a manufacturing system and the real industrial device RO is a physical component, for example in the form of a manufacturing tool.
  • the automation system AUT can also be another automation system in further exemplary embodiments that are not specifically shown, for example a process control system of a process engineering plant, for example a biotechnology plant, in which case the real industrial device RO can be a process monitor of the biotechnology plant or a valve or a transport container.
  • the digital twin forms a digital model of the industrial device RO, which receives data from the industrial environment to which the industrial device RO is exposed.
  • the digital model of the industrial device RO outputs a digital representation of the workpiece manufactured by the industrial device RO.
  • the digital twin thus processes control commands and environmental parameters into a digital model of the workpiece manufactured with the real industrial device RO.
  • further digital twins of the industrial device RO are present, which receive identical input data as described above, but provide different output data, for example output data in the form of a forecast, cost-optimized maintenance time of the real industrial device RO.
  • the real industrial device RO provides trustworthy identification information TADTAP for one or more digital twins DT.
  • This trustworthy piece of identification information TADTAP is used in a step HERA of the method according to the invention to allocate the digital twin DT.
  • the identification information TADTAP obtains its trustworthiness from the origin of the identification information from the real industrial device RO itself: the identification information is provided by hardware of the industrial device RO.
  • the hardware therefore carries out a hardware-based authentication ADT-Att of the identification information TADTAP of the respective digital twin DT.
  • the authentication ADT-Att of the identification information TADTAP of the respective digital twin DT is also simply referred to below as authentication ADT-Att.
  • the authentication ADT-Att contains the identification information TADTAP of the respective digital twin DT assigned to the real industrial device RO.
  • the identification information TADTAP of the respective digital twin DT can include, for example, a URL and/or a checksum, such as a hash value, and/or a digital fingerprint of a public key or a digital certificate of the digital twin DT.
  • the authentication ADT-Att additionally includes at least one piece of identification information of the real industrial device RO, which provides the authentication.
  • the identification information of the real industrial device RO can also be formed by means of a checksum, such as a hash value, and/or a digital fingerprint of a public key or a digital certificate or a verifiable credential (engl.: "Verifiable Credential") of the real industrial device RO.
  • a checksum such as a hash value
  • a digital fingerprint of a public key or a digital certificate or a verifiable credential engl.: "Verifiable Credential"
  • the identification information TADTAP of the respective digital twin DT contains an address for establishing a connection to the associated digital twin, for example a URL as described above.
  • the identification information TADTAP can provide a reference, by means of which the respective digital twin DT can be found, for example reference information about a symbolic name in a directory of digital twins.
  • the ADT-Att attestation may be formed with a Secure Element of a Trusted Execution Environment or a Crypto chip or Crypto IC of the object.
  • the information contained in the security element and confirmed with the authentication ADT-Att can be securely stored and managed in a manipulation-protected manner. In this way, the trustworthiness and integrity of the ADT-Att authentication can be ensured.
  • the authentication ADT-Att contains identification information from one or more digital twins assigned to the industrial device RO.
  • the authentication ADT-Att in further, not specifically illustrated embodiments also contains an indication of a respective purpose of use for the use of the respective digital twin, for example have a purpose of use in the form of a simulation and/or a configuration and/or a device management and/or a diagnosis of the real industrial device RO and/or a predictive maintenance of the real industrial device RO.
  • This specification of the purpose of use confirms that the respective digital twin is intended to be trustworthy for the realization of the specified purpose of use.
  • the specification can differentiate between different data elements, for example data paths, of the digital twin.
  • the real industrial device RO can provide different amounts of data from the real industrial device RO to a digital twin DT assigned to the real industrial device RO, or the data from the real industrial device RO is assigned to the digital twin DT with different frequency or provided differently protected.
  • the authentication ADT-Att can contain information about which of the data of the real industrial device RO is present in the digital twin DT assigned in each case and contain a quality specification which indicates, for example, the frequency of the update and/or protection of the transmission of the data provided.
  • the authentication ADT-Att can contain information about whether the data provided by the real industrial device RO may only be available after pre-processing, in particular anonymization or pseudonymization and/or filtering and/or noise, in the respective digital twin DT are replicated .
  • the authentication ADT-Att can also contain a chronological statement of validity for the assignment of the digital twin.
  • the authentication ADT-Att is arranged on the real industrial device RO itself and can be read out and cryptographically protected, for example, via RS232 and/or SPI and/or I2C and/or USB and/or optically via a code that can be displayed on a display of the device.
  • a read Available code that contains an alphanumeric code, a barcode or a QR code.
  • the readable code can be cryptographically protected, for example by a cryptographic key or a cryptographic check value such as a checksum.
  • the authentication can be formed with a component permanently connected to the real industrial device RO, for example an NFC label and/or an NFC token, which has a content of the authentication ADT that is cryptographically protected by a cryptographic test value such as a checksum. Att provides .
  • the cryptographic check value can be a digital signature or a message authentication code. You can in particular by a secret, d. H . private, device key of the real industrial device RO can be calculated, and be verifiable by a device certificate assigned to the real industrial device RO.
  • the authentication can be provided upon request or repeatedly sent out as a broadcast message. Authentication can also be done via a network interface, e.g. B. Ethernet or WLAN or a 5G mobile radio interface or a Bluetooth interface, are transmitted and are made available locally, for example, so only receivers are made available which do not exceed a maximum distance from the real industrial device RO. Such locally limited provision can be implemented, for example, by means of a non-routable IP address or by means of a radio signal with limited transmission power.
  • the real industrial device RO can check properties of the digital twin DT and/or data processed and provided by the digital twin DT for agreement with specified properties or data of the real industrial device RO. In this way, the real industrial device RO can determine whether properties of the digital twin DT still match the actual properties of the real industrial device RO. In case of a If there is a discrepancy, the real industrial device RO can resolve the assignment of the digital twin DT to this real industrial device RO. For example, the identification information TADTAP can be updated so that it can be determined that the digital twin DT is no longer intended to be assigned to the real industrial device RO.
  • the authentication ADT-Att can contain information that indicates whether the real industrial device RO carries out such a test and, if so, when this was last carried out and/or which properties were checked for a match.
  • the authentication ADT-Att can contain identification information TADTAP from digital twins DT to which the association has been broken. This can be useful if a user DTU has saved the connection of a real industrial device RO with a digital twin DT in order to avoid accessing an invalid digital twin.
  • the real industrial device RO provides an authentication ADT-Att to a user DTU.
  • the industrial device TDTDB maintains a database TDTDB of trusted digital twins DT .
  • the digital twins DT contained in this database TDTDB are clearly identified by the identification information TADTAP of the authentication ADT-Att and can be found by the user DTU.
  • the database TDTDB of trustworthy digital twins DT is managed and occasionally updated by a management service TDTM in the real industrial device RO, for example via a configuration interface of the real industrial device RO that is not explicitly shown.
  • the main function DMF of the real industrial device RO is, for example, a control or regulation functionality of the real industrial device RO, which represents a production tool.
  • the user DTU who wants to use a digital twin DT of the real industrial device RO, based on the authentication provided by the real industrial device RO, selects ADT- After checking the cryptographic protection of the authentication ADT-Att using a selection tool TDTD, Att selects a trustworthy digital twin DT from the database TDTDB in a determination step ERM of the method according to the invention.
  • the user DTU establishes a communication connection CON to the digital twin DT via the network NET using a URL of the digital twin DT contained in the authentication ADT-Att.
  • the user DTU consequently assigns the digital twin DT in an assignment step ZUG of the method according to the invention.
  • two apps APP running in an execution environment RT are provided for the user DTU in order to use digital twins DT.
  • a digital twin DT provided for this purpose can be automatically selected from the plurality of provided digital twins DT of the real industrial device RO, and corresponding information can be provided to the respective app APP.
  • the accessing user DTU can receive different authorizations depending on the purpose of use, with which either access to data of one of the specific real industrial devices RO assigned to the digital twin DT is possible or but the access to data of all real industrial devices RO assigned to the digital twin DT.
  • the last case makes it possible, for example, to compare the data from real industrial devices RO of the same type and can be used to carry out a plausibility check between different instances of the real industrial devices RO. This can e.g. B. be used for monitoring a real industrial device RO or for the comparison of redundant real industrial devices RO, for example for a "hot standby". Combination of data from several real industrial devices RO in the context of a production step of the automation system AUT possible.
  • Fig. 3 shows two real industrial devices RO1, RO2, which are assigned to only one digital twin DT.
  • the real industrial devices RO1, RO2 each provide an authentication ADT-Att1, ADT-Att2.
  • the user DTU accesses the assigned digital twin DT.
  • different authorizations for accessing the data of the digital twin DT can be configured on the user side DTU.
  • the authentications ADT-Att, ADT-Attl, ADT-Att2 can e.g. B. as ASN . 1 data structure or as XML or as a text document or as a binary file or as a JSON data structure or as an attribute value list or encoded in some other way and a cryptographically protected content by a cryptographic check value such as a checksum of authentication ADT-Att , ADT-Attl , ADT-Att2 .
  • the cryptographic check value can be implemented, for example, using a cryptographic one-way function and/or using a digital signature and/or using a message authentication code.
  • Fig. 4 shows, as an example of an application scenario, an automation system AUT with a number of real, physical industrial devices in the form of field devices FD1, FD2, FD3, FD4, FD5, FD6.
  • the field devices FD4, FD5 are connected directly to an open network CLO.
  • the field devices FD1, FD2, FD3, are located in a network NET of the automation system AUT, which is connected to the open network CLO via an edge server EDG.
  • the field device FD6 is intended as a replacement device and is not connected to the network NET of the automation system AUT.
  • a production machine PM here a machine tool, is an example a press or a transport system.
  • the automation system AUT comprises three means of production PT1, PT2, PT3, for example tools, such as a milling head for a machine tool or a print head for an additive manufacturing machine in the form of a 3D printer.
  • a cloud backend service CBE is also provided.
  • the automation system AUT shown in FIG. 4 forms a manufacturing system according to the invention.
  • one or more digital twins DT-FD1, DT-FD2, DT-FD3, DT-FD4, DT- FD5, DT-PM, DT-PT1, DT-PT2, DT-PT3 provided and assigned as virtual representations of the respective real field device FD1, FD2, FD3, FD4, FD5, FD6 and the production machine PM and the means of production PT1, PT2, PT3 .
  • these are implemented in the cloud backend CBE.
  • digital twins DT-FD1, DT-FD2 of the field devices FD1, FD2 are implemented on the edge server EDG of the automation system AUT, e.g. as a digital twin app DTAPP.
  • the field device FD3 also contains an integrated virtual digital twin DT-FD3 in order to be able to carry out simulations.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Automation & Control Theory (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Manufacturing & Machinery (AREA)
  • Quality & Reliability (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

L'invention concerne un procédé pour attribuer un modèle numérique à un composant physique d'un système d'automatisation, procédé au cours duquel un composant physique doté d'une information de référence qui renvoie à au moins un modèle numérique est utilisé et le modèle numérique auquel l'information de référence renvoie est déterminé au moyen de l'information de référence et attribué au composant physique. Dans le système d'automatisation, qui comprend au moins un composant physique ainsi qu'une interface avec au moins un modèle numérique du composant physique, ce composant physique comprenant au moins une information de référence qui renvoie au(x) modèle(s) numérique(s) du composant physique. L'installation de production comprend un tel système d'automatisation.
PCT/EP2022/073299 2021-08-24 2022-08-22 Procédé pour attribuer un modèle numérique à un composant physique d'un système d'automatisation, système d'automatisation et installation de production WO2023025712A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP22768687.0A EP4364013A1 (fr) 2021-08-24 2022-08-22 Procédé pour attribuer un modèle numérique à un composant physique d'un système d'automatisation, système d'automatisation et installation de production
CN202280057745.4A CN117836768A (zh) 2021-08-24 2022-08-22 用于将数字模型分配给自动化系统的物理组件的方法、自动化系统和制造设施

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP21192862.7 2021-08-24
EP21192862.7A EP4141713A1 (fr) 2021-08-24 2021-08-24 Procédé d'affectation d'un modèle numérique à un composant physique d'un système d'automatisation, système d'automatisation et installation de production

Publications (1)

Publication Number Publication Date
WO2023025712A1 true WO2023025712A1 (fr) 2023-03-02

Family

ID=77499644

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2022/073299 WO2023025712A1 (fr) 2021-08-24 2022-08-22 Procédé pour attribuer un modèle numérique à un composant physique d'un système d'automatisation, système d'automatisation et installation de production

Country Status (3)

Country Link
EP (2) EP4141713A1 (fr)
CN (1) CN117836768A (fr)
WO (1) WO2023025712A1 (fr)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021061800A1 (fr) * 2019-09-23 2021-04-01 Avery Dennison Retail Information Services, Llc Systèmes et procédés de déclencheurs numériques et de jumeaux numériques

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021061800A1 (fr) * 2019-09-23 2021-04-01 Avery Dennison Retail Information Services, Llc Systèmes et procédés de déclencheurs numériques et de jumeaux numériques

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
FOCARDI RICCARDO ET AL: "Usable cryptographic QR codes", 2018 IEEE INTERNATIONAL CONFERENCE ON INDUSTRIAL TECHNOLOGY (ICIT), IEEE, 20 February 2018 (2018-02-20), pages 1664 - 1669, XP033336895, DOI: 10.1109/ICIT.2018.8352431 *
PADOVANO ANTONIO ET AL: "A Digital Twin based Service Oriented Application for a 4.0 Knowledge Navigation in the Smart Factory", IFAC-PAPERSONLINE, vol. 51, no. 11, 1 January 2018 (2018-01-01), DE, pages 631 - 636, XP055880941, ISSN: 2405-8963, DOI: 10.1016/j.ifacol.2018.08.389 *
TALKHESTANI BEHRANG ASHTARI ET AL: "Consistency check to synchronize the Digital Twin of manufacturing automation based on anchor points", PROCEDIA CIRP, vol. 72, 1 January 2018 (2018-01-01), NL, pages 159 - 164, XP093013090, ISSN: 2212-8271, DOI: 10.1016/j.procir.2018.03.166 *

Also Published As

Publication number Publication date
EP4141713A1 (fr) 2023-03-01
EP4364013A1 (fr) 2024-05-08
CN117836768A (zh) 2024-04-05

Similar Documents

Publication Publication Date Title
EP3295646B1 (fr) Vérification d'un cohérence entre des données de référence d'un objet de fabrication et des données d'une représentation numérique dudit objet de fabrication
EP3488555B1 (fr) Traitement sécurisé d'une demande d'attestation d'autorisation
EP2936259B1 (fr) Actualisation d'un certificat d'appareil numérique d'un appareil d'automatisation
DE102009027723A1 (de) Verfahren zum Lesen von Attributen aus einem ID-Token
DE102020133597A1 (de) Personalprofile und fingerabdruckauthentifizierung für configuration engineering- und laufzeitanwendungen
EP3763089B1 (fr) Procédé et système de contrôle pour le contrôle et/ou la surveillance d'appareils
EP3743844B1 (fr) Système d'identité basé sur chaînes de blocs
EP3777088A1 (fr) Procédé et système de commande d'une libération d'une ressource
DE102017011464A1 (de) Bedieneridentifikationssystem
DE102015225275A1 (de) ID-Token mit geschütztem Mikrocontroller
EP3373545A1 (fr) Unité de sécurité en particulier pour un appareil iot et procédé d'exécution d'une ou plusieurs applications d'échange de données sécurisé avec un ou plusieurs serveurs de fournisseur de service web
DE102018211597A1 (de) Verfahren zur Einrichtung eines Berechtigungsnachweises für ein erstes Gerät
WO2018059852A1 (fr) Procédé pour garantir l'authenticité d'un appareil de terrain
WO2023025712A1 (fr) Procédé pour attribuer un modèle numérique à un composant physique d'un système d'automatisation, système d'automatisation et installation de production
DE102019130067B4 (de) Verfahren zur Durchführung einer erlaubnisabhängigen Kommunikation zwischen wenigstens einem Feldgerät der Automatisierungstechnik und einem Bediengerät
EP1652337B1 (fr) Procede pour signer une quantite de donnees dans un systeme a cle publique et systeme de traitement de donnees pour la mise en oeuvre dudit procede
WO2011072952A1 (fr) Dispositif et procédé pour accorder des droits d'accès à une fonctionnalité de maintenance
EP3254432A1 (fr) Procédé de gestion d'autorisation dans un ensemble comportant plusieurs systèmes informatiques
EP2137705B1 (fr) Procédé pour transmettre les données concernant une personne à un dispositif de contrôle
EP3657750B1 (fr) Procédé d'authentification des lunettes intelligentes dans un réseau de données
DE102010018021A1 (de) Verfahren zum Konfigurieren einer Applikation für ein Endgerät
DE102015214340A1 (de) Sperrdienst für ein durch einen ID-Token erzeugtes Zertifikat
WO2015043807A1 (fr) Adaptation de règles d'accès pour un échange de données entre un premier réseau et un second réseau
EP3901715B1 (fr) Procédé de vérification de l'origine authentique des modules électroniques d'un appareil de terrain modulaire de la technique de l'automatisation
DE102016219207A1 (de) Verfahren und vorrichtung zum zertifizieren einer sicherheitskritischen funktionskette

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22768687

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2022768687

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2022768687

Country of ref document: EP

Effective date: 20240202

WWE Wipo information: entry into national phase

Ref document number: 202280057745.4

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 18686102

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE